Re: Re: Open Source Database Auditing

From: toggmeister@vulnerabilityassessment.co.uk
Date: Fri May 11 2007 - 02:42:59 EDT


('binary' encoding is not supported, stored as-is) Hi all,
  OAT from Cqure.net was suggested as a tool that may help, the only trouble with testing against 10g with this is it simply will not work unless you physically supply the SID of the database you are testing against.

I have used this tool for quite a while now and even with manually supplying the SID with the -d option, most times I get a failed response.

Listener Security has been tightened from 10g and this tool, oscanner and getsids from cqure are more predominately useful for earlier versions of Oracle. (They are highly recommended for 9 - almost certainly gets me a valid username and password every time.) In addition the in-built accounts.default file only has about 120 Oracle usernames and passwords as default. I have customised my version of this file to include the 600+ that are currently known which just needs to replace the in-built one. It is available from:

http://www.vulnerabilityassessment.co.uk/accounts.default

A number of other tools exist, which are free to use and specifically work on 10g links at:

http://www.vulnerabilityassessment.co.uk/oracle.htm

A fuller list of tools including commercial variants can be found at:

http://www.petefinnigan.com/tools.htm

For background and exploit info check out Alex Kornbrust excellent site:

http://www.red-database-security.com/

In depth white Papers and excellent, (albeit expensive tools), can be found at:

http://www.ngssoftware.com/

Hope this helps

Rgds.

Kev
http://www.vulnerabilityassessment.co.uk

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:47 EDT